SAP

SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM

SAP, Vulnerabilities /

SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM 2025-10-14 at 17:03 By Ionut Arghire SAP has rolled out additional protections for insecure deserialization bugs resolved in NetWeaver AS Java recently. The post SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original […]

React to this headline:

Loading spinner

SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM Read More »

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday

Adobe, Adobe ColdFusion, Don't miss, Hot stuff, Immersive, magento, News, Patch Tuesday, Sansec, SAP, security update, Tenable, Trend Micro, vulnerability /

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday 2025-09-10 at 13:56 By Zeljka Zorz On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited. Among the critical and important vulnerabilities patched by Microsoft

React to this headline:

Loading spinner

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday Read More »

SAP Patches Critical NetWeaver Vulnerabilities

Patch Tuesday, SAP, Vulnerabilities /

SAP Patches Critical NetWeaver Vulnerabilities 2025-09-09 at 17:07 By Ionut Arghire The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation. The post SAP Patches Critical NetWeaver Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Patches Critical NetWeaver Vulnerabilities Read More »

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)

Don't miss, enterprise, Hot stuff, NCSC-NL, News, SAP, SAP security, SecurityBridge, vulnerability /

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957) 2025-09-05 at 15:03 By Zeljka Zorz A critical vulnerability (CVE-2025-42957) in SAP S/4HANA enterprise resource planning software is being exploited by attackers “to a limited extent”, the Dutch National Cyber Security Center (NCSC NL) has warned on Friday. Their alert seems to be based on a report

React to this headline:

Loading spinner

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957) Read More »

Recent SAP S/4HANA Vulnerability Exploited in Attacks

exploited, Featured, SAP, Vulnerabilities /

Recent SAP S/4HANA Vulnerability Exploited in Attacks 2025-09-05 at 11:09 By Eduard Kovacs A critical SAP S/4HANA code injection flaw tracked as CVE-2025-42957 and allowing full system takeover has been exploited in the wild. The post Recent SAP S/4HANA Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Recent SAP S/4HANA Vulnerability Exploited in Attacks Read More »

Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999)

Don't miss, exploit, Hot stuff, News, Onapsis, SAP, SAP security, Shadowserver, vulnerability /

Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999) 2025-08-20 at 19:25 By Zeljka Zorz A working exploit concatenating two critical SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999) that have been previously exploited in the wild has been made public by VX Underground, Onapsis security researchers have warned. The exploit has allegedly been released on a Telegram

React to this headline:

Loading spinner

Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999) Read More »

New Exploit Poses Threat to SAP NetWeaver Instances

exploit, exploited, SAP, Vulnerabilities /

New Exploit Poses Threat to SAP NetWeaver Instances 2025-08-19 at 15:59 By Ionut Arghire A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. The post New Exploit Poses Threat to SAP NetWeaver Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

New Exploit Poses Threat to SAP NetWeaver Instances Read More »

SAP Patches Critical S/4HANA Vulnerability

patch, Patch Tuesday, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical S/4HANA Vulnerability 2025-08-12 at 14:42 By Eduard Kovacs SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities. The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Patches Critical S/4HANA Vulnerability Read More »

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover

SAP, Vulnerabilities /

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover 2025-07-08 at 16:01 By Ionut Arghire SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise. The post SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover appeared first on

React to this headline:

Loading spinner

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover Read More »

Critical Vulnerability Patched in SAP NetWeaver

SAP, Vulnerabilities, vulnerability /

Critical Vulnerability Patched in SAP NetWeaver 2025-06-10 at 14:09 By Ionut Arghire SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges. The post Critical Vulnerability Patched in SAP NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerability Patched in SAP NetWeaver Read More »

Why SAP security updates are a struggle for large enterprises

CISO, cybersecurity, Don't miss, how-to, News, Pathlock, SAP, security update, strategy, tips, Video /

Why SAP security updates are a struggle for large enterprises 2025-06-05 at 07:33 By Help Net Security In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why

React to this headline:

Loading spinner

Why SAP security updates are a struggle for large enterprises Read More »

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

China APT, exploited, Malware & Threats, Ransomware, SAP /

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws 2025-05-15 at 13:48 By Ionut Arghire Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. The post Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws Read More »

SAP Patches Another Critical NetWeaver Vulnerability

SAP, Vulnerabilities, vulnerability /

SAP Patches Another Critical NetWeaver Vulnerability 2025-05-13 at 16:01 By Ionut Arghire SAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability. The post SAP Patches Another Critical NetWeaver Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

SAP Patches Another Critical NetWeaver Vulnerability Read More »

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors

Don't miss, enterprise, Forescout, Government, Hot stuff, Incident Response, Mandiant, News, Onapsis, SAP, web shell /

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors 2025-05-12 at 16:07 By Zeljka Zorz A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, opportunistic threat actors who are leveraging previously established webshells (from the first zero-day attack) on vulnerable

React to this headline:

Loading spinner

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors Read More »

SAP Zero-Day Targeted Since January, Many Sectors Impacted 

China, exploited, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Targeted Since January, Many Sectors Impacted  2025-05-09 at 14:01 By Ionut Arghire Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. The post SAP Zero-Day Targeted Since January, Many Sectors Impacted  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

SAP Zero-Day Targeted Since January, Many Sectors Impacted  Read More »

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise

exploited, SAP, Vulnerabilities, Zero-Day /

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise 2025-05-06 at 15:39 By Ionut Arghire Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability. The post Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise Read More »

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

exploited, SAP, Vulnerabilities, Zero-Day /

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks 2025-04-29 at 13:34 By Ionut Arghire More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks Read More »

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)

Don't miss, enterprise, Government, Hot stuff, News, Onapsis, ReliaQuest, SAP /

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) 2025-04-28 at 13:00 By Zeljka Zorz CVE-2025-31324, a critical vulnerability in the SAP NetWeaver platform, is being actively exploited by attackers to upload malicious webshells to enable unauthorized file uploads and code execution. The vulnerability was initially leveraged in zero-day attacks spotted by ReliaQuest

React to this headline:

Loading spinner

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) Read More »

SAP Zero-Day Possibly Exploited by Initial Access Broker

exploited, Featured, initial access broker, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Possibly Exploited by Initial Access Broker 2025-04-25 at 12:38 By Ionut Arghire A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications. The post SAP Zero-Day Possibly Exploited by Initial Access Broker appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Zero-Day Possibly Exploited by Initial Access Broker Read More »

SAP Patches Critical Code Injection Vulnerabilities

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Code Injection Vulnerabilities 2025-04-08 at 16:29 By Ionut Arghire SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws. The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Code Injection Vulnerabilities Read More »

Scroll to Top